Professional Documents
Culture Documents
Program No.:-4: 1) System Privileges
Program No.:-4: 1) System Privileges
:- 4
1) System Privileges:-
A system privilege is the right to perform a particular action or to perform an action on any object
of a particular type. Objects include tables, views, materialized views, synonyms, indexes,
sequences, cache groups, replication schemes and PL/SQL functions, procedures and packages.
Only the instance administrator or a user with ADMIN privilege can grant or revoke system
privileges.
Privilege Description
Enables a user to perform administrative tasks
ADMIN including check pointing, backups, migration,
and user creation and deletion.
ALTER ANY INDEX Enables a user to alter any index in the
database.
ALTER ANY TABLE Enables a user to alter any table in the
database.
CREATE ANY INDEX Enables a user to create an index on any table
or materialized view in the database.
Enables a user to create a PL/SQL procedure,
CREATE ANY PROCEDURE function or package owned by any user in the
database.
CREATE ANY VIEW Enables a user to create a view owned by any
user in the database.
CREATE TABLE Enables a user to create a table owned by any
user in the database.
DELETE ANY TABLE Enables a user to delete from any table in the
database.
DROP ANY INDEX Enables a user to drop any index in the
database.
DROP ANY TABLE Enables a user to drop any table in the
database.
Enables a user to insert into any table in the
UPDATE ANY TABLE database. It also enables the user to insert into
any table using the synonym, public or private,
to that table.
SELECT ANY TABLE Enables a user to select from any table, view,
materialized view, or synonym in the database.
Varun
CSE 8th SEM
15011001051
INSERT ANY TABLE Enables a user to update any table or synonym
in the database.
2) Object Privileges:-
An object privilege is the right to perform a particular action on an object or to access another user's
object. Objects include tables, views, materialized views, indexes, synonyms, sequences, cache
groups, replication schemes and PL/SQL functions, procedures and packages.
An object's owner has all object privileges for that object, and those privileges cannot be revoked.
The object's owner can grant object privileges for that object to other database users. A user
with ADMIN privilege can grant and revoke object privileges from users who do not own the
objects on which the privileges are granted.
3) Privilege Hierarchy:-
Varun
CSE 8th SEM
15011001051
Some privileges confer other privileges. For example, ADMIN privilege confers all other
privileges. The CREATE ANY TABLE system privilege confers the CREATE TABLE object
privilege. Table shows the privilege hierarchy.
Privilege Confers these Privileges
All other privileges
ADMIN including CACHE_MANAGER
CREATE ANY INDEX INDEX (any table or materialized view)
CREATE ANY MATERIALIZED VIEW CREATE MATERIALIZED VIEW
CREATE ANY PROCEDURE CREATE PROCEDURE
CREATE ANY SEQUENCE CREATE SEQUENCE
CREATE ANY SYNONYM CREATE SYNONYM
CREATE ANY TABLE CREATE TABLE
CREATE ANY VIEW CREATE VIEW
DELETE ANY TABLE DELETE (any table)
EXECUTE ANY PROCEDURE EXECUTE (any procedure)
INSERT ANY TABLE INSERT (any table)
SELECT ANY SEQUENCE SELECT (any sequence)
SELECT ANY TABLE SELECT (any table, view or materialized
view)
UPDATE ANY TABLE UPDATE (any table)
Varun
CSE 8th SEM
15011001051
Program No.:- 5
Step 2.:- Create a Table where we have to apply the permissions to the user.
Step 3.:- Now Grant the Permissions to the particular table created as commands given below:
Command: GRANT ALL ON EMP TO vasu; It will Grant all the Permissions to the user.
Command: GRANT CONNECT, RESOURCE, DBA TO vasu; It will Grant the Connections,
Resources, DBA to the user not on particular table.
Command: GRANT SELECT, UPDATE ON EMP TO vasu; In this the user is only o view and
modify records in the table ‘EMP’.
Command: GRANT ALL ON EMP_DEL TO vasu WITH GRANT OPTION; In this the user
‘vasu’ all data manipulation privileges on the table ‘EMP_DEL’ along with the further grant
permission on the table to the other users.
Varun
CSE 8th SEM
15011001051
2) Revoking Permissions to Users:
Privileges once given can be denied to a user using the ‘REVOKE’ command. The object owner
can revoke privileges granted to another user. A user of an object who is not the owner, but has
been granted the GRANT privilege, has the power to REVOKE the privileges from a grantee.
The REVOKE statement is used to deny the grant given on an object.
Syntax:
REVOKE <Object_Privileges> ON <Object_Name> FORM <Usern_NAME>;
Example Steps to GRANT User with Output:-
Step 1.:- After Granting we can Revoke the user using the command given below:
Note:- Grant will always work first, Revoke will never work First.
Command: REVOKE DELETE ON EMP FROM vasu; All Privileges on the table ‘EMP’ have
been granted to ‘vasu’. Take back the DELETE privilege on the table.
Command: REVOKE ALL ON EMP FROM vasu; Take back ALL privileges on the table
‘EMP’ from ‘vasu’.
Varun
CSE 8th SEM
15011001051
Program No.:- 6
From Ver. 10g / 11g Oracle has also released Data Pump Export and Import tools, which are
enhanced versions of original Export and Import tools.
1. Type definitions
2. Table definitions
3. Table data
4. Table indexes
5. Integrity constraints, views, procedures, and triggers
6. Bitmap, function-based, and domain indexes
When you import the tables the import tool will perform the actions in the following order, new
tables are created, data is imported and indexes are built, triggers are imported, integrity constraints
are enabled on the new tables, and any bitmap, function-based, and/or domain indexes are built.
This sequence prevents data from being rejected due to the order in which tables are imported. This
sequence also prevents redundant triggers from firing twice on the same data.
When you just type exp or imp at o/s prompt it will run in interactive mode i.e. these tools will
prompt you for all the necessary input. If you supply command line arguments when calling exp or
imp then it will run in command line mode.
Varun
CSE 8th SEM
15011001051
Keyword Description (Default)
---------------------------------------------------------------------------------------------------------------------
USERID username/password
BUFFER size of data buffer
FILE output files (EXPDAT.DMP)
COMPRESS import into one extent (Y)
GRANTS export grants (Y)
INDEXES export indexes (Y)
DIRECT direct path (N)
LOG log file of screen output
ROWS export data rows (Y)
CONSISTENT cross-table consistency(N)
FULL export entire file (N)
OWNER list of owner usernames
TABLES list of table names
RECORDLENGTH length of IO record
INCTYPE incremental export type
RECORD track incr. export (Y)
TRIGGERS export triggers (Y)
STATISTICS analyze objects (ESTIMATE)
PARFILE parameter filename
CONSTRAINTS export constraints (Y)
OBJECT_CONSISTENT transaction set to read only during object export (N)
FEEDBACK display progress every x rows (0)
FILESIZE maximum size of each dump file
FLASHBACK_SCN SCN used to set session snapshot back to
FLASHBACK_TIME time used to get the SCN closest to the specified time
QUERY select clause used to export a subset of a table
RESUMABLE suspend when a space related error is encountered(N)
RESUMABLE_NAME text string used to identify resumable statement
RESUMABLE_TIMEOUT wait time for RESUMABLE
TTS_FULL_CHECK perform full or partial dependency check for TTS
TABLESPACES list of tablespaces to export
TRANSPORT_TABLESPACE export transportable tablespace metadata (N)
TEMPLATE template name which invokes iAS mode export
In the above command, FILE option specifies the name of the dump file, FULL option specifies
that you want to export the full database, USERID option specifies the user account to connect to
the database. Note, to perform full export the user should have DBA or EXP_FULL_DATABASE
privilege.
Varun
CSE 8th SEM
15011001051
Example of Exporting Schemas
To export Objects stored in a particular schemas you can run export utility with the following
arguments:
The above command will export all the objects stored in SCOTT and ALI’s schema.
Or, you can control how Import runs by entering the IMP command followed by various arguments.
To specify parameters, you use keywords:
Varun
CSE 8th SEM
15011001051
FROMUSER list of owner usernames
TOUSER list of usernames
TABLES list of table names
RECORDLENGTH length of IO record
INCTYPE incremental import type
COMMIT commit array insert (N)
PARFILE parameter filename
CONSTRAINTS import constraints (Y)
DESTROY overwrite tablespace data file (N)
INDEXFILE write table/index info to specified file
SKIP_UNUSABLE_INDEXES skip maintenance of unusable indexes (N)
FEEDBACK display progress every x rows(0)
TOID_NOVALIDATE skip validation of specified type ids
FILESIZE maximum size of each dump file
STATISTICS import precomputed statistics (always)
RESUMABLE suspend when a space related error is encountered(N)
RESUMABLE_NAME text string used to identify resumable statement
RESUMABLE_TIMEOUT wait time for RESUMABLE
COMPILE compile procedures, packages, and functions (Y)
STREAMS_CONFIGURATION import streams general metadata (Y)
STREAMS_INSTANITATION import streams instantiation metadata (N)
This command will import only emp, dept tables into Scott user and you will get a output similar to
as shown below:
Export file created by EXPORT:V10.00.00 via conventional path import done in WE8DEC
character set and AL16UTF16 NCHAR character set
. importing SCOTT's objects into SCOTT
. . importing table "DEPT" 4 rows imported
. . importing table "EMP" 14 rows imported
Example, Importing Tables of One User account into another User account
For example, suppose Ali has exported tables into a dump file mytables.dmp. Now Scott wants to
import these tables. To achieve this Scott will give the following import command
Then import utility will give a warning that tables in the dump file was exported by user Ali and
not you and then proceed.
Varun
CSE 8th SEM
15011001051
Suppose you want to import all tables from a dump file whose name matches a particular pattern.
To do so, use “%” wild character in TABLES option. For example, the following command will
import all tables whose names starts with alphabet “a” and those tables whose name contains
alphabet “d”
The Export and Import utilities are the only method that Oracle supports for moving an existing
Oracle database from one hardware platform to another. This includes moving between UNIX and
NT systems and also moving between two NT systems running on different platforms.
The following steps present a general overview of how to move a database between platforms.
1. As a DBA user, issue the following SQL query to get the exact name of all tablespaces. You
will need this information later in the process.
2. As a DBA user, perform a full export from the source database, for example:
3. Move the dump file to the target database server. If you use FTP, be sure to copy it in binary
format (by entering binary at the FTP prompt) to avoid file corruption.
4. Create a database on the target server.
5. Before importing the dump file, you must first create your tablespaces, using the information
obtained in Step 1. Otherwise, the import will create the corresponding datafiles in the same
file structure as at the source database, which may not be compatible with the file structure on
the target system.
6. As a DBA user, perform a full import with the IGNORE parameter enabled:
Using IGNORE=y instructs Oracle to ignore any creation errors during the import and permit
the import to complete.
Varun
CSE 8th SEM
15011001051
Program No.:- 7
1. COMMIT: COMMIT command to make changes permanent save to a database during the
current transaction.
2. ROLLBACK: ROLLBACK command execute at the end of current transaction and
undo/undone any changes made since the begin transaction.
3. SAVEPOINT: SAVEPOINT command save the current point with the unique name in the
processing of a transaction.
4. AUTOCOMMIT: Set AUTOCOMMIT ON to execute COMMIT Statement automatically.
5. SET TRANSACTION: PL/SQL SET TRANSACTION command set the transaction
properties such as read-write/read only access.
1. Commit
The COMMIT statement to make changes permanent save to a database during the current
transaction and visible to other users.
Syntax:
2. Rollback
The ROLLBACK statement ends the current transaction and undoes any changes made during that
transaction. If you make a mistake, such as deleting the wrong row from a table, a rollback restores
the original data. If you cannot finish a transaction because an exception is raised or a SQL
statement fails, a rollback lets you take corrective action and perhaps start over.
Syntax:
Varun
CSE 8th SEM
15011001051
SQL>ROLLBACK [To SAVEPOINT_NAME];
Example:
SQL>DECLARE
emp_id emp.empno%TYPE;
BEGIN
SAVEPOINT dup_found;
UPDATE emp SET eno=1
WHERE empname = 'Forbs ross'
EXCEPTION
WHEN DUP_VAL_ON_INDEX THEN
ROLLBACK TO dup_found;
END;/
3. Save point
SAVEPOINT savepoint_names marks the current point in the processing of a transaction.
Savepoints let you rollback part of a transaction instead of the whole transaction.
Syntax:
SQL>SAVEPOINT SAVEPOINT_NAME;
Example:
SQL>DECLARE
emp_id emp.empno%TYPE;
BEGIN
SAVEPOINT dup_found;
UPDATE emp SET eno=1
WHERE empname = 'Forbs ross'
EXCEPTION
WHEN DUP_VAL_ON_INDEX THEN
ROLLBACK TO dup_found;
END;/
4. Autocommit
No need to execute COMMIT statement every time. You just set AUTOCOMMIT ON to execute
COMMIT Statement automatically. It's automatic execute for each DML statement. set auto
commit on using following statement.
Example:
SQL>SET AUTOCOMMIT ON;
You can also set auto commit off.
SQL>SET AUTOCOMMIT OFF;
Varun
CSE 8th SEM
15011001051
5. Set Transaction
SET TRANSACTION statement is use to set transaction are read-only or both read write. you can
also assign transaction name.
Syntax:
SQL>SET TRANSACTION [ READ ONLY | READ WRITE ]
[ NAME 'transaction_name' ];
Set transaction name using the SET TRANSACTION [...] NAME statement before you start the
transaction.
Example:
SQL>SET TRANSACTION READ WRITE NAME 'tran_exp';
Varun
CSE 8th SEM
15011001051
Program No.:- 8
Data Concurrency:- Many users can access data at the same time.
Data Consistency:- Users should see a consistent view of the data, including visible changes
made by the user's own transactions and transactions of other users.
To describe consistent transaction behavior when transactions execute at the same time, database
researchers have defined a transaction isolation model called serializability. The serializable mode
of transaction behavior tries to ensure that transactions execute in such a way that they appear to
be executed one at a time, or serially, rather than concurrently.
Oracle offers two isolation levels, providing application developers with operational modes that
preserve consistency and provide high performance.
Preventable Phenomena
The SQL standard defines three phenomena and four levels of isolation that provide protection
against the phenomena. The three preventable phenomena are defined as:
1) Dirty Reads: - A transaction reads data that has been written by a transaction that has not been
committed yet.
2) Non- Repeatable Fuzzy Reads: - A transaction re-reads data it has previously read and finds
that another committed transaction has modified or deleted the data.
3) Phantom Read: - A transaction re-executes a query returning a set of rows that satisfy a search
condition and finds that another committed transaction has inserted additional rows that satisfy
the condition.
Isolation Level
The SQL standard defines four levels of isolation in terms of the phenomena a transaction running
at a particular isolation level is permitted to experience.
Varun
CSE 8th SEM
15011001051
Isolation Level Dirty Read Non-Repeatable Read Phantom Read
Read uncommitted Possible Possible Possible
Read committed Not possible Possible Possible
Repeatable read Not possible Not possible Possible
Serializable Not possible Not possible Not possible
Oracle offers the read committed and serializable isolation levels. Read committed is the default
and was the only automatic isolation level provided before Release 7.3.
Locking Mechanisms
In general, multi-user databases use some form of data locking to solve the problems associated
with data concurrency, integrity, and consistency. Locks are mechanisms used to prevent
destructive interaction between users accessing the same resource.
Resources include two general types of objects:
User objects, such as tables and rows (structures and data).
System objects not visible to users, such as shared data structures in the memory and data
dictionary rows.
Restrictiveness of Locks
In general, you can use two levels of locking in a multi-user database:
1) Exclusive Locks: - An exclusive lock prevents the associated resource from being shared and
are obtained to modify data. The first transaction to exclusively lock a resource is the only
transaction that can alter the resource until the exclusive lock is released.
2) Shared Locks: - A share lock allows the associated resource to be shared, depending on the
operations involved. Multiple users reading data can share the data, holding share locks to
prevent concurrent access by a writer (who holds an exclusive lock). Several transactions can
acquire share locks on the same resource.
Deadlocks
A deadlock is a situation that can occur in multi-user systems that prevents some transactions from
continuing work. A deadlock can occur when two or more users are waiting for data locked by each
other. Below given Figure illustrates two transactions in a deadlock.
In given below Figure, no problem exists at time point A, as each transaction has a row lock on the
row it attempts to update. Each transaction proceeds (without being terminated). However, each
tries to update the row currently held by the other transaction. Therefore, a deadlock results at time
point B, because neither transaction can obtain the resource it needs to proceed or terminate. It is a
deadlock because no matter how long each transaction waits, the conflicting locks are held.
Varun
CSE 8th SEM
15011001051
Figure: Two Transactions in a Deadlock
Lock Escalation
Lock escalation occurs when numerous locks are held at one level and the database automatically
changes the locks to different locks at a higher level. For example, if a single user locks many rows
in a table, the database might automatically escalate the user's row locks to a single table lock. With
this plan, the number of locks has been reduced, but the restrictiveness of what is being locked has
increased.
Lock escalation greatly increases the likelihood of deadlocks. For example, imagine the situation
where the system is trying to escalate locks on behalf of transaction T1 but cannot because of the
locks held by transaction T2. A deadlock is created if transaction T2 also requires lock escalation
before it can proceed, since the escalator is devoted to T1.
Varun
CSE 8th SEM
15011001051
Program No.:- 9
Several problems can halt the normal operation of an Oracle database or affect database I/O to disk.
The following sections describe the most common types. For some of these problems, recovery is
automatic and requires little or no action on the part of the database user or database administrator.
User Error
A database administrator can do little to prevent user errors (for example, accidentally dropping a
table). Usually, user error can be reduced by increased training on database and application
principles. Furthermore, by planning an effective recovery scheme ahead of time, the administrator
can ease the work necessary to recover from many types of user errors.
Statement Failure
Statement failure occurs when there is a logical failure in the handling of a statement in an Oracle
program. For example, assume all extents of a table (in other words, the number of extents specified
in the MAXEXTENTS parameter of the CREATE TABLE statement) are allocated, and are
completely filled with data; the table is absolutely full. If a statement failure occurs, the Oracle
software or operating system returns an error code or message.
Process Failure
A process failure is a failure in a user, server, or background process of a database instance (for
example, an abnormal disconnect or process termination).
The Oracle background process PMON detects aborted Oracle processes. If the aborted process is
a user or server process, PMON resolves the failure by rolling back the current transaction of the
aborted process and releasing any resources that this process was using.
Network Failure
When your system uses networks (for example, local area networks, phone lines, and so on) to
connect client workstations to database servers, or to connect several database servers to form a
distributed database system, network failures (such as aborted phone connections or network
communication software failures) can interrupt the normal operation of a database system.
Varun
CSE 8th SEM
15011001051
hardware problem, such as a power outage, or a software problem, such as an operating system
crash.
Database Backups
A database backup consists of operating system backups of the physical files that constitute an
Oracle database. To begin database recovery from a media failure, Oracle uses file backups to
restore damaged data files or control files.
Varun
CSE 8th SEM
15011001051